From: um@c2.net (Ulf =?ISO-8859-1?Q?M=F6ller?=)
Date: Thu, 7 Nov 1996 05:24:54 -0800 (PST)
To: ben@algroup.co.uk
Subject: Re: Euro Key Escrow
In-Reply-To: <9611070921.aa15606@gonzo.ben.algroup.co.uk>
Message-ID: <9611071242.AA09360@public.uni-hamburg.de>
MIME-Version: 1.0
Content-Type: text/plain


> It is, apparently, true that the EC is considering schemes for key escrow, by
> "trusted third parties"

There is an extensive survey at the European Cryptography Resources page,
http://www.modeemi.cs.tut.fi/~avs/eu-crypto.html

The EU commission's group DG XIII has been discussing key escrow for quite
some time, but they have not yet been able to agree on a position.
Jerome Thorel has posted some rather scaring interviews with EU official
David Herson who is in favor of a key esrow scheme. Victor Mayer-Schoenfelder
reports that crpyo regulation is likely to be delegated to the more liberal
DG XV.

A number of member states, such as Denmark, very unlikely to accept key
escrow.

> ftp://ftp.dcs.rhbnc.ac.uk/pub/Chris.Mitchell/istr_a2.ps

Ross Anderson has analyzed Mitchell's scheme, drawing the conclusion that
"The GCHQ protocal is very poorly engineered." See
ftp://ftp.cl.cam.ac.uk/users/rja14/euroclipper.ps.Z

> I'm informed that this is likely to be introduced into EC legislation, though
> my understanding is that members are not required to actually incorporate the
> legislation. No doubt France will embrace it with happy shouts.

The final decision will almost certainly with the member states, because
cryptography is considered essential for national security.